Re: Technical committee resolution

To: debian-vote@lists.debian.org
Subject: Re: Technical committee resolution
From: Don Armstrong <don@debian.org>
Date: Fri, 28 Mar 2008 23:28:59 -0700
Message-id: <20080329062859.GB32618@volo.donarmstrong.com>
Mail-followup-to: debian-vote@lists.debian.org
In-reply-to: <20080329045739.GB1445@kodama.kitenet.net>
References: <20080310024828.GA1079@blae.erisian.com.au> <20080322031705.GB19432@keid.carnet.hr> <18411.61353.680709.270312@davenant.relativity.greenend.org.uk> <18411.61505.40271.842025@davenant.relativity.greenend.org.uk> <20080327214953.GB11760@kodama.kitenet.net> <18413.18951.173614.320141@davenant.relativity.greenend.org.uk> <20080329012735.GA15689@kodama.kitenet.net> <87tziqxmqh.fsf@anzu.internal.golden-gryphon.com> <20080329045739.GB1445@kodama.kitenet.net>

On Sat, 29 Mar 2008, Joey Hess wrote:
> Well, just to pick an example, if the TC had chosen you to deal with
> the wordpress-in-stable issue, and you had personally decided it
> needed to be in stable, and had done whatever work was initially
> needed to get it into stable with security support, you'd still be
> responsible for its security now, and the several security holes it
> has now would be a problem that you'd be aware of, and at least be
> worrying about if nothing else.

The package in question, as problematic as it is, has an active
maintainer who claimed that he would do exactly this. According to the
list of open bugs that I can see, the security issues that are
currently affecting the stable version are supposedly minor. [If
they're not, someone who knows more about the CVEs in question that I
do should file more bugs and/or adjust severities appropriately.]

Don Armstrong

-- 
[A] theory is falsifiable [(and therefore scientific) only] if the
class of its potential falsifiers is not empty.
 -- Sir Karl Popper _The Logic of Scientific Discovery_ §21

http://www.donarmstrong.com              http://rzlab.ucr.edu

Reply to:

Follow-Ups:
- Re: Technical committee resolution
  - From: Joey Hess <joeyh@debian.org>
- Re: Technical committee resolution
  - From: Moritz Muehlenhoff <jmm@inutil.org>

References:
- Technical committee resolution
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: Technical committee resolution
  - From: Josip Rodin <joy@entuzijast.net>
- Re: Technical committee resolution
  - From: Ian Jackson <ian@davenant.greenend.org.uk>
- Re: Technical committee resolution
  - From: Ian Jackson <ian@davenant.greenend.org.uk>
- Re: Technical committee resolution
  - From: Joey Hess <joeyh@debian.org>
- Re: Technical committee resolution
  - From: Ian Jackson <ian@davenant.greenend.org.uk>
- Re: Technical committee resolution
  - From: Joey Hess <joeyh@debian.org>
- Re: Technical committee resolution
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: Technical committee resolution
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Re: Technical committee resolution
Next by Date: Re: Technical committee resolution
Previous by thread: Re: Technical committee resolution
Next by thread: Re: Technical committee resolution
Index(es):
- Date
- Thread